From b90dc8b600f020ff071de26feee175b87b5faf36 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Sat, 10 Oct 2015 21:19:14 +0000
Subject: [PATCH] env(1) is obviously a program falling into pledge "stdio
 exec".  It does stdio, and it does a raw execve().  It is so obvious.  It
 gets only _exit(2), kbind(2), and 46 system calls -- over half of which are
 deeply gutted in their functionality to only serve narrow libc needs for
 "stdio (includes malloc)".  the other 161 system calls kill it.

---
 usr.bin/env/env.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/usr.bin/env/env.c b/usr.bin/env/env.c
index 5596e6fc2f2..87e9a0b8e4b 100644
--- a/usr.bin/env/env.c
+++ b/usr.bin/env/env.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: env.c,v 1.15 2014/03/08 00:09:20 schwarze Exp $	*/
+/*	$OpenBSD: env.c,v 1.16 2015/10/10 21:19:14 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1988, 1993, 1994
@@ -49,6 +49,9 @@ main(int argc, char *argv[])
 
 	setlocale(LC_ALL, "");
 
+	if (pledge("stdio exec", NULL) == -1)
+		err(1, "pledge");
+
 	while ((ch = getopt(argc, argv, "i-")) != -1)
 		switch(ch) {
 		case '-':			/* obsolete */
-- 
2.20.1